Cisco access control list

Question

i know that command

access-list 10 permit 192.168.3.0 0.0.0.255

This list allows traffic from all addresses in the range 192.168.3.0 to 192.168.3.255 but i have question why we need 10?

It also allows you to have multiple ACLs. You could have access-list 10 and access-list 11 and have them do two different things. It also allows a single ACL to have multiple lines. You could add another access-list 10 permit 192.168.1.0 0.0.0.255 and it will process the first line then work it's way down. The first line that packet matches will stop the processing. — btk_, Jul 23 '14 at 07:44

score 6 · Answer 1 · answered Nov 29 '10 at 14:06

6

The 10 is denoting which number the access-list is - it is identifying it. So if you have different ACLs that you want to apply to different interfaces, you would give them different numbers to differentiate them. When you apply the ACL to an interface, you tell the router that you want to apply ACL #10 to this interface.

answered Nov 29 '10 at 14:06

Dan

1,278
18
27

3

The 10 also identifies it as an IP standard acl (between 1 and 99). – murisonc Nov 29 '10 at 14:23

Cisco access control list

1 Answers1